REMARKS

Reconsideration of the application is respectfully
requested. Claims 1-10 were rejected under Section 102 as being
anticipated by Coss. This rejection is respectfully traversed.

Coss describes a method for improving the performance of a
firewall. The patent seems to discuss support for complex access
rules, multiple users and multiple networks. It also relates to
filtering, access rule decisions and redirect proxy processing,
i.e. off-loading of application level processing from a firewall
to external proxy servers. Proxy redirection allows a firewall
to determine, based on incoming data packets, that an external
proxy server should be used to handle the proxy functionality for
the application. This determination is made without knowledge or
"consent" of the client (host in the internal network). The goal
is to off-load proxy functionality away from the firewall into
dedicated proxy servers. Regardless, only the firewall and the
relevant proxy servers remain aware of the solution - the goal is
transparency for the client. Coss also seems to consider intranet
firewalls, i.e. firewalls that apply security policy to traffic
exchanged in the internal network, as a means of increasing
security.

The present invention enables the use of encryption in an
internal network, such as a corporate network, as a means of
improving user security. For instance, if a computer in the
internal network needs to communicate with an outside server,
carrying sensitive data, the present invention allows the client
computer to use end-to-end encryption between itself and the
outside server, but still allows the firewall to control security
policy. End-to-end encryption benefits user security but causes
a policy control problem: the firewall is only able to base
access control decisions on externally visible unencrypted fields
(such as IP addresses), when more complete control (e.g. over
TCP/UDP port numbers) is desirable. Traditional firewall
implementation methods, including Coss, cannot be used in such a
situation for accurate policy control.

The steps of the present invention allow the host in the
intranet to interact with the firewall to effect policy lookup
and enforcement. Instead of the firewall performing both policy
lookup and policy enforcement, the host in the internal network
is trusted to carry out most of the policy enforcement instead.
In contrast, the firewall in Coss has access to packets for
independent policy verification and is essentially transparent to
client computers.

More particularly, it is submitted that neither Coss nor any
other cited reference teaches or suggests the combination of the
steps of: receiving transformation information from the firewall
and applying the transformation information to the message to
modify the message to be sent in accordance with the information
sent from the firewall, and the firewall associating the
identification data, received from the first computer, with the
connection for the message and letting the message through the
firewall as long as the firewall associates the identification
data with the connection for the message.

Applicant fails to see why a person of ordinary skill
in the art would look to Coss and the other cited references to
learn about the specific use of transformation data and
association of identification data to determine whether to let a
message through the firewall when such steps are completely
missing in Coss and the other cited references. It is submitted
that Coss would require extensive modifications that are not
taught or suggested in order to meet all the limitations of the
amended claim 1.

In view of the above, the amended claim 1 is submitted
to be allowable.

Claims 2-10 are submitted to be allowable because they
depend, either directly or indirectly, on the amended allowable
base claim 1 and because each claim includes limitations that are
not taught or suggested in the cited references.

In view of the above, the application is submitted to
be in condition for allowance, and such action is respectfully
requested.






FASTH LAW OFFICES 
26 Pinecrest Plaza, Suite 2 
Southern Pines, NC 28387-4301

Telephone: (910) 687-0001 
Facsimile: (910) 295-2152 



Respectfully submitted, 
FASTH LAW OFFICES 




Rolf Fasth 
Registration No. 36,999 






